System lag - found 4 iexplore.exe running

[Jedy]

First of all a big thank you for your work!
A few days ago i noticed my system works slower. For example almost impossible to use total commander due to lag. I tried to find a solution using smart monitoring and scanning for viruses. I had MSE and AVG, they didn't find anything. Then one of my friends told me about MBAM. Nothing in quick scan, a trojan eliminated in full scan. But the lag remained. After this i noticed four iexplore.exe running in task manager while i never use it.

 

Please help me to solve the problem. Thanks!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2

Run by HP at 22:51:03 on 2013-12-25

Microsoft Windows 7 Home Premium   6.1.7601.1.1250.36.1038.18.3959.2545 [GMT 1:00]

.

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\nvvsvc.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe

C:\Windows\System32\regsvr32.exe

C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

C:\windows\SysWOW64\regsvr32.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID bejelentkezési segítség: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Akwworks] regsvr32.exe C:\Users\HP\AppData\Local\Akwworks\fpshell.dll

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

mRun: [uCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"

mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

StartupFolder: C:\Users\HP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Kép küldése &Bluetooth-eszköznek... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Oldal küldése &Bluetooth-eszköznek... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{14AD829C-F034-4344-8B07-0D4FC75906B4} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{14AD829C-F034-4344-8B07-0D4FC75906B4}\44F4D4249423 : DHCPNameServer = 84.2.44.1 84.2.46.1

TCP: Interfaces\{14AD829C-F034-4344-8B07-0D4FC75906B4}\6456279656E646F62766 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{F62E3729-34B3-4C9F-AAC6-4B87746AD711} : DHCPNameServer = 192.168.42.129

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\System32\NvCpl.dll,NvStartup

x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\az5i356s.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2013-10-24 194872]

R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2013-11-5 150808]

R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]

R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2013-10-31 212280]

R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-8-1 251192]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-28 13336]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-12-8 5009920]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-5-28 2320920]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-5-29 28176]

R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-5-28 56344]

R3 usbsmi;Lenovo EasyCamera;C:\windows\System32\drivers\SMIksdrv.sys [2010-5-28 197504]

R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-5-29 11280]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\System32\drivers\ssadadb.sys [2011-5-13 36328]

S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-5-29 79376]

S3 btusbflt;Bluetooth USB Filter;C:\windows\System32\drivers\btusbflt.sys [2010-5-28 52264]

S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2010-5-28 35104]

S3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-5-28 167816]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-13 111616]

S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]

S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-5-29 509192]

S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-5-29 579400]

S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;C:\windows\System32\drivers\MAudioFastTrackPro.sys [2010-12-7 187912]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 134944]

S3 NisSrv;Microsoft Hálózatfelügyelet;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-11-28 19456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-5-28 232992]

S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-5-28 239616]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-5-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]

S3 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-11-26 5087584]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-11-28 57856]

S3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;C:\windows\System32\Wat\WatAdminSvc.exe [2010-10-28 1255736]

S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]

.

=============== Created Last 30 ================

.

2013-12-25 21:08:00 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F56C8A6-7125-4A38-872C-146DDE9512E9}\mpengine.dll

2013-12-24 22:09:38 -------- d-----w- C:\Users\HP\AppData\Roaming\Malwarebytes

2013-12-24 22:09:06 -------- d-----w- C:\ProgramData\Malwarebytes

2013-12-24 22:09:05 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-12-24 22:09:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-24 21:09:32 -------- d-----w- C:\Program Files\Speccy

2013-12-24 15:41:52 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-12-21 20:23:48 -------- d-----w- C:\Program Files\CCleaner

2013-12-18 21:08:02 -------- d-----w- C:\Users\HP\AppData\Local\Akwworks

2013-12-13 16:32:15 -------- d-----w- C:\07

2013-12-13 08:18:46 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2013-12-13 08:18:46 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2013-12-13 08:18:45 12625920 ----a-w- C:\windows\System32\wmploc.DLL

2013-12-13 08:18:45 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL

2013-12-13 08:15:57 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-12-13 08:15:56 5769216 ----a-w- C:\windows\System32\jscript9.dll

2013-12-12 19:42:13 335360 ----a-w- C:\windows\System32\msieftp.dll

2013-12-12 19:42:12 301568 ----a-w- C:\windows\SysWow64\msieftp.dll

2013-12-12 19:42:11 3155968 ----a-w- C:\windows\System32\win32k.sys

2013-12-12 19:42:05 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2013-12-12 19:42:05 2048 ----a-w- C:\windows\System32\tzres.dll

2013-12-06 12:05:52 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B4B7ECDE-1D75-4780-A772-AC94695F89A2}\gapaengine.dll

2013-11-28 13:15:24 -------- d-----w- C:\windows\Migration

2013-11-26 15:22:09 -------- d-----w- C:\Program Files (x86)\TeamViewer

2013-11-26 15:12:47 -------- d-----w- C:\Users\HP\AppData\Roaming\TeamViewer

.

==================== Find3M  ====================

.

2013-12-11 14:57:41 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-11 14:57:41 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-11-26 10:19:07 2724864 ----a-w- C:\windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll

2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\windows\System32\WMPhoto.dll

2013-11-20 08:04:18 194048 ----a-w- C:\windows\SysWow64\elshyph.dll

2013-11-20 08:04:17 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe

2013-11-19 10:21:41 267936 ------w- C:\windows\System32\MpSigStub.exe

2013-11-05 20:55:48 150808 ----a-w- C:\windows\System32\drivers\avgdiska.sys

2013-11-04 20:52:42 240920 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys

2013-10-31 22:00:18 212280 ----a-w- C:\windows\System32\drivers\avgldx64.sys

2013-10-31 21:49:46 294712 ----a-w- C:\windows\System32\drivers\avgloga.sys

2013-10-24 21:25:58 194872 ----a-w- C:\windows\System32\drivers\avgidsha.sys

2013-10-24 10:19:50 231376 ----a-w- C:\windows\System32\drivers\truecrypt.sys

2013-10-19 02:18:57 81408 ----a-w- C:\windows\System32\imagehlp.dll

2013-10-19 01:36:59 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll

2013-10-12 02:32:04 150016 ----a-w- C:\windows\System32\wshom.ocx

2013-10-12 02:31:04 202752 ----a-w- C:\windows\System32\scrrun.dll

2013-10-12 02:30:42 830464 ----a-w- C:\windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL

2013-10-12 02:04:36 121856 ----a-w- C:\windows\SysWow64\wshom.ocx

2013-10-12 02:03:31 163840 ----a-w- C:\windows\SysWow64\scrrun.dll

2013-10-12 02:03:08 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL

2013-10-12 01:33:39 156160 ----a-w- C:\windows\System32\cscript.exe

2013-10-12 01:33:26 168960 ----a-w- C:\windows\System32\wscript.exe

2013-10-12 01:15:48 141824 ----a-w- C:\windows\SysWow64\wscript.exe

2013-10-12 01:15:48 126976 ----a-w- C:\windows\SysWow64\cscript.exe

2013-10-08 05:50:37 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-05 20:25:35 1474048 ----a-w- C:\windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\windows\System32\authui.dll

2013-10-04 02:16:30 116736 ----a-w- C:\windows\System32\drivers\drmk.sys

2013-10-04 01:58:50 152576 ----a-w- C:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\windows\SysWow64\authui.dll

2013-10-04 01:36:04 230400 ----a-w- C:\windows\System32\drivers\portcls.sys

2013-10-03 02:23:48 404480 ----a-w- C:\windows\System32\gdi32.dll

2013-10-03 02:00:44 311808 ----a-w- C:\windows\SysWow64\gdi32.dll

2013-09-30 23:52:08 123704 ----a-w- C:\windows\System32\drivers\avgmfx64.sys

2013-09-28 01:09:10 497152 ----a-w- C:\windows\System32\drivers\afd.sys

2013-09-27 08:53:06 248240 ----a-w- C:\windows\System32\drivers\MpFilter.sys

2013-09-27 08:53:06 134944 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys

.

============= FINISH: 22:52:11,44 ===============

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 2010.10.27. 13:38:33

System Uptime: 2013.12.25. 22:13:07 (0 hours ago)

.

Motherboard: LENOVO |  | Base Board Product Name

Processor: Intel® Core i5 CPU       M 430  @ 2.27GHz | CPU | 1722/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 422 GiB total, 5,493 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 7,784 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office system

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.05)

AVG 2014

Broadcom 802.11 Wireless Driver

BS.Player FREE

CCleaner

Conexant HD Audio

CyberLink YouCam

Dropbox

Energy Management

ETDWare PS/2-x64 7.0.4.16_WHQL

Google Chrome

Google Update Helper

ImgBurn

inSSIDer 3

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java 7 Update 45

Java 7 Update 9 (64-bit)

Java Auto Updater

Lenovo Bluetooth with Enhanced Data Rate Software

Lenovo DirectShare

Lenovo EasyCamera

Lenovo OneKey Recovery

Lenovo ReadyComm 5

Lenovo ReadyComm 5.0 Service

MAGIX Screenshare

MAGIX Speed 2 (MSI)

Malwarebytes Anti-Malware 1.75.0.1300 verzió

Microsoft .NET Framework 4.5.1

Microsoft Antimalware Service HU-HU Language Pack

Microsoft Application Error Reporting

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access MUI (Hungarian) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel 2007 Help-frissítés (KB963678)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (Hungarian) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Hungarian) 2007

Microsoft Office InfoPath MUI (Hungarian) 2007

Microsoft Office Language Pack 2007 - Hungarian/Magyar változat

Microsoft Office Language Pack 2007 – Magyar változat (az Office Outlook 2007 with Business Contact Manager SP1 alkalmazáshoz)

Microsoft Office O MUI (Hungarian) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Hungarian) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Outlook MUI (Hungarian) 2007

Microsoft Office Powerpoint 2007 Help-frissítés (KB963669)

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (Hungarian) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Hungarian) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (Hungarian) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Publisher MUI (Hungarian) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit MUI (Hungarian) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (Hungarian) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (Hungarian) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word 2007 Help-frissítés (KB963665)

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (Hungarian) 2007

Microsoft Office X MUI (Hungarian) 2007

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Client HU-HU Language Pack

Microsoft Security Essentials

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 26.0 (x86 hu)

Mozilla Maintenance Service

Mozilla Thunderbird 24.1.1 (x86 hu)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Native Instruments Controller Editor

Native Instruments Service Center

Native Instruments Traktor

NVIDIA Drivers

NVIDIA HD audio-illesztőprogram 1.3.18.0

NVIDIA Install Application

Onekey Theater

OpenOffice.org 3.1

OpenVPN 2.1.1

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek USB 2.0 Card Reader

Samplitude 11.5 Producer Download Version

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 

Shutdown Timer

Skype™ 5.10

Sound Forge Pro 10.0

Speccy

Synaptics Pointing Device Driver

TeamViewer 8

Total Commander (Remove or Repair)

TrueCrypt

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VeriFace

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

VLC media player 1.1.3

WhereIsIt? 3.97

Winamp (remove only)

Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)

Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)

Windows Driver Package - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Messenger

WinRAR 5.01 (64-bit)

.

==== End Of File ===========================

 

 

[Maniac]

Hello Jedy and ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

I notice that you are using more than one antivirus program.

• AVG 2014
• Microsoft Security Essentials
• This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them and reboot your system.

  Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
  Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

[Jedy]

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.12.27.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

HP :: JEDY [administrator]

 

2013.12.27. 13:10:43

mbam-log-2013-12-27 (13-10-43).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 210266

Time elapsed: 3 minute(s), 32 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

[Maniac]

Any progress?

[Jedy]

I've done every step you wrote me:

1. uninstall avg 2014

2. quick scan in mbam, copy&paste log

So now i'm waiting what is the next step.

I hope I did everything right.

[Maniac]

I mean do you have any improvement or not?

[Jedy]

Oh i see. Nothing changed, the problem is still there.

[Maniac]

Thanks!

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

• Once you've read the article and are ready to use the program you can download it directly from the link below.
• Important! - Please make sure you save combofix to your desktop and do not run it from your browser
• Direct download link for: ComboFix.exe
• Please make sure you disable your security applications before running ComboFix.
• Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
• Please copy/paste the contents or attach that log file to your next reply.
• If needed the file can be located here: C:\combofix.txt
• NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

[Jedy]

ComboFix 13-12-26.01 - HP 013.12.27.  18:19:28.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1250.36.1038.18.3959.2555 [GMT 1:00]

Running from: c:\users\HP\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\pkunzip.pif

c:\windows\pkzip.pif

c:\windows\s.bat

c:\windows\XSxS

.

.

(((((((((((((((((((((((((   Files Created from 2013-11-27 to 2013-12-27  )))))))))))))))))))))))))))))))

.

.

2013-12-27 17:25 . 2013-12-27 17:25 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-12-27 15:02 . 2013-12-27 15:02 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A45C761-F0D9-4915-9592-1ED587E0C871}\offreg.dll

2013-12-26 14:37 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A45C761-F0D9-4915-9592-1ED587E0C871}\mpengine.dll

2013-12-25 21:54 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-12-24 22:09 . 2013-12-24 22:09 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes

2013-12-24 22:09 . 2013-12-24 22:09 -------- d-----w- c:\programdata\Malwarebytes

2013-12-24 22:09 . 2013-12-24 22:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-12-24 22:09 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-12-24 21:09 . 2013-12-24 21:09 -------- d-----w- c:\program files\Speccy

2013-12-21 20:23 . 2013-12-21 20:23 -------- d-----w- c:\program files\CCleaner

2013-12-18 21:08 . 2013-12-18 21:08 -------- d-----w- c:\users\HP\AppData\Local\Akwworks

2013-12-13 16:32 . 2013-12-13 22:34 -------- d-----w- C:\07

2013-12-13 08:18 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe

2013-12-13 08:18 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe

2013-12-13 08:18 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL

2013-12-13 08:18 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL

2013-12-13 08:18 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll

2013-12-13 08:15 . 2013-11-26 08:16 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-12-13 08:15 . 2013-11-26 08:35 5769216 ----a-w- c:\windows\system32\jscript9.dll

2013-12-12 19:42 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll

2013-12-12 19:42 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll

2013-12-12 19:42 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys

2013-12-12 19:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll

2013-12-12 19:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2013-12-06 12:05 . 2013-10-17 22:39 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4B7ECDE-1D75-4780-A772-AC94695F89A2}\gapaengine.dll

2013-11-28 13:15 . 2013-11-28 13:15 -------- d-----w- c:\windows\Migration

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-14 02:01 . 2011-01-02 11:36 90708896 ----a-w- c:\windows\system32\MRT.exe

2013-12-11 14:57 . 2012-04-20 08:24 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-12-11 14:57 . 2011-07-09 22:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-11-20 08:04 . 2013-11-20 08:04 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-11-20 08:04 . 2013-11-20 08:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-20 08:03 . 2013-11-20 08:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-11-20 08:03 . 2013-11-20 08:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll

2013-11-20 08:03 . 2013-11-20 08:03 235008 ----a-w- c:\windows\system32\elshyph.dll

2013-11-20 08:03 . 2013-11-20 08:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll

2013-11-20 08:03 . 2013-11-20 08:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-11-20 08:03 . 2013-11-20 08:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-11-20 08:03 . 2013-11-20 08:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-11-20 08:03 . 2013-11-20 08:03 337408 ----a-w- c:\windows\SysWow64\html.iec

2013-11-20 08:03 . 2013-11-20 08:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-11-20 08:03 . 2013-11-20 08:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-11-20 08:03 . 2013-11-20 08:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-11-20 08:03 . 2013-11-20 08:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe

2013-11-20 08:03 . 2013-11-20 08:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-11-20 08:03 . 2013-11-20 08:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-11-20 08:03 . 2013-11-20 08:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2013-11-20 08:03 . 2013-11-20 08:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll

2013-11-20 08:03 . 2013-11-20 08:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-11-20 08:03 . 2013-11-20 08:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-11-20 08:03 . 2013-11-20 08:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe

2013-11-20 08:03 . 2013-11-20 08:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-11-20 08:03 . 2013-11-20 08:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-11-20 08:03 . 2013-11-20 08:03 942592 ----a-w- c:\windows\system32\jsIntl.dll

2013-11-20 08:03 . 2013-11-20 08:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-11-20 08:03 . 2013-11-20 08:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-11-20 08:03 . 2013-11-20 08:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-11-20 08:03 . 2013-11-20 08:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-11-20 08:03 . 2013-11-20 08:03 247808 ----a-w- c:\windows\system32\msls31.dll

2013-11-20 08:03 . 2013-11-20 08:03 195584 ----a-w- c:\windows\system32\msrating.dll

2013-11-20 08:03 . 2013-11-20 08:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe

2013-11-20 08:03 . 2013-11-20 08:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-11-20 08:03 . 2013-11-20 08:03 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-11-20 08:03 . 2013-11-20 08:03 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-11-20 08:03 . 2013-11-20 08:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-20 08:03 . 2013-11-20 08:03 105984 ----a-w- c:\windows\system32\iesysprep.dll

2013-11-20 08:03 . 2013-11-20 08:03 81408 ----a-w- c:\windows\system32\icardie.dll

2013-11-20 08:03 . 2013-11-20 08:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat

2013-11-20 08:03 . 2013-11-20 08:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll

2013-11-20 08:03 . 2013-11-20 08:03 413696 ----a-w- c:\windows\system32\html.iec

2013-11-20 08:03 . 2013-11-20 08:03 296960 ----a-w- c:\windows\system32\dxtrans.dll

2013-11-20 08:03 . 2013-11-20 08:03 84992 ----a-w- c:\windows\system32\mshtmled.dll

2013-11-20 08:03 . 2013-11-20 08:03 626176 ----a-w- c:\windows\system32\msfeeds.dll

2013-11-20 08:03 . 2013-11-20 08:03 548352 ----a-w- c:\windows\system32\vbscript.dll

2013-11-20 08:03 . 2013-11-20 08:03 30208 ----a-w- c:\windows\system32\licmgr10.dll

2013-11-20 08:03 . 2013-11-20 08:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll

2013-11-20 08:03 . 2013-11-20 08:03 243200 ----a-w- c:\windows\system32\webcheck.dll

2013-11-20 08:03 . 2013-11-20 08:03 235520 ----a-w- c:\windows\system32\url.dll

2013-11-20 08:03 . 2013-11-20 08:03 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-11-20 08:03 . 2013-11-20 08:03 143872 ----a-w- c:\windows\system32\wextract.exe

2013-11-20 08:03 . 2013-11-20 08:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-11-20 08:03 . 2013-11-20 08:03 101376 ----a-w- c:\windows\system32\inseng.dll

2013-11-20 08:03 . 2013-11-20 08:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll

2013-11-20 08:03 . 2013-11-20 08:03 774144 ----a-w- c:\windows\system32\jscript.dll

2013-11-20 08:03 . 2013-11-20 08:03 62464 ----a-w- c:\windows\system32\pngfilt.dll

2013-11-20 08:03 . 2013-11-20 08:03 48128 ----a-w- c:\windows\system32\imgutil.dll

2013-11-20 08:03 . 2013-11-20 08:03 147968 ----a-w- c:\windows\system32\occache.dll

2013-11-20 08:03 . 2013-11-20 08:03 13824 ----a-w- c:\windows\system32\mshta.exe

2013-11-20 08:03 . 2013-11-20 08:03 135680 ----a-w- c:\windows\system32\iepeers.dll

2013-11-19 10:21 . 2011-05-15 15:11 267936 ------w- c:\windows\system32\MpSigStub.exe

2013-10-24 10:19 . 2013-10-24 10:19 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys

2013-10-17 22:39 . 2011-08-12 07:21 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2013-10-14 17:00 . 2013-11-20 08:09 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-10-12 02:30 . 2013-11-14 08:58 830464 ----a-w- c:\windows\system32\nshwfp.dll

2013-10-12 02:29 . 2013-11-14 08:58 859648 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-10-12 02:29 . 2013-11-14 08:58 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-10-12 02:03 . 2013-11-14 08:58 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll

2013-10-12 02:01 . 2013-11-14 08:58 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL

2013-10-11 10:17 . 2013-10-11 10:17 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin

2013-10-08 05:50 . 2013-10-16 21:05 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-05 20:25 . 2013-11-14 09:20 1474048 ----a-w- c:\windows\system32\crypt32.dll

2013-10-05 19:57 . 2013-11-14 09:20 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-10-04 02:28 . 2013-11-14 09:19 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll

2013-10-04 02:25 . 2013-11-14 09:19 197120 ----a-w- c:\windows\system32\credui.dll

2013-10-04 02:24 . 2013-11-14 09:19 1930752 ----a-w- c:\windows\system32\authui.dll

2013-10-04 01:58 . 2013-11-14 09:19 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56 . 2013-11-14 09:19 168960 ----a-w- c:\windows\SysWow64\credui.dll

2013-10-04 01:56 . 2013-11-14 09:19 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-10-03 02:23 . 2013-11-14 09:10 404480 ----a-w- c:\windows\system32\gdi32.dll

2013-10-03 02:00 . 2013-11-14 09:10 311808 ----a-w- c:\windows\SysWow64\gdi32.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Akwworks"="c:\users\HP\AppData\Local\Akwworks\fpshell.dll" [2013-12-18 24576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]

"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-05-28 3122528]

"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2009-12-22 167008]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]

R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]

R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]

R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]

R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrackPro.sys [x]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Hálózatfelügyelet;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]

R3 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows aktiválási technológiák szolgáltatás;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys;c:\windows\SYSNATIVE\DRIVERS\SMIksdrv.sys [x]

S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

IgrsSvcs REG_MULTI_SZ   ReadyComm.DirectRouter PS_MDP

<NO NAME> REG_SZ        

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-12-06 00:55 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 14:57]

.

2013-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 11:46]

.

2013-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 11:46]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]

@="{771C7324-DA80-49D3-8017-753B0AF60951}"

[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]

2010-05-28 21:06 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-11 16414312]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-11-28 508472]

"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]

"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]

"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Kép küldése &Bluetooth-eszköznek... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Oldal küldése &Bluetooth-eszköznek... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 213.46.246.53 213.46.246.54

FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\az5i356s.default\

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-12-27  18:28:28

ComboFix-quarantined-files.txt  2013-12-27 17:28

.

Pre-Run: 5 752 606 720 bájt szabad

Post-Run: 5 583 089 664 bájt szabad

.

- - End Of File - - BD8601DD2D6B07F0FA14FA8BAA5EC887

[Jedy]

Now my computer seems to be as fast as before, but i checked the task manager and the 4 iexplore.exe are still there.

 

[Jedy]

I restarted my computer and the lag is back. iexplore.exe-s are running.

[Maniac]

Please scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.

  ESET OnlineScan

• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

    Save it to your Desktop.

  • Double click on the to download the ESET Smart Installer. icon on your Desktop.
• Check "YES, I accept the Terms of Use."
• Click the Start button.
• Accept any security warnings from your browser.
• Under Scan Settings, check "Scan Archives" and "Remove found threats"
• Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click List Threats
• Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Click the Back button.
• Click the Finish button.

[Jedy]

C:\Downloads\Image\Power.ISO.4.8.by.turysta16.rar a variant of Win32/Keygen.AK application

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\az5i356s.default\extensions\{E377E68E-6CC1-9F94-C7A1-A39F79CA7B92}\components\WTVFilePropertyHandler.js Win32/Boaxxe.BE trojan cleaned by deleting - quarantined

D:\00\Program\Samplitude 11.5.0.0 Producer\trial_samplitude115producer_dlv_en.exe a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined

D:\00\Program\www.piriform.com\ccsetup408.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined

D:\00\Program\www.piriform.com\dfsetup216.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined

D:\00\Program\www.piriform.com\rcsetup149.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined

D:\00\Program\www.piriform.com\spsetup124.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined

[Jedy]

Nothing changed.

[Maniac]

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner:

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.

[Jedy]

No detected malware, so unfortunately nothing to post here.

[Maniac]

Check the suggestions from Don Varnau:

http://answers.microsoft.com/en-us/ie/forum/ie10-windows_7/multiple-copies-of-ieexe-32-bit-running-when-only/ba237f17-b2d7-4afc-8557-41969b20363d

[AdvancedSetup]

Are you still with us?

[Jedy]

Oh,yes yes! Sorry, i had some non IT problems.

I read the forum. Only the post about the clean startup seems to be helpful, because i never used IE on this computer before.

But i did't have time to do the process. I tried only to kill almost all non system processes and then the lag dissapeareda and the iexpolre.exe-s didn't come back.

[Maniac]

Thanks for letting us know!

Last steps:

Step 1

• Download OTL to your desktop and run it.
• Click on CleanUp button.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

Please uninstall ESET Online Scanner and manually delete Kaspersky AVP .

Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!